| |
| ▲ | oefrha a day ago | parent | next [-] | | You know perfectly well what blocking VPN access means in common verbiage. I don't understand the motivation of these "hey look my WireGuard connection to home isn't blocked, you guys don't know the true meaning of VPN" comments that inevitably pop up in these discussions. Like come on, this is a tech forum, you're not impressing anyone for knowing the technical definition of VPN and how to set up WireGuard. | | |
| ▲ | kotaKat a day ago | parent | next [-] | | To flip that though, what about just using those sketchy-ass malware-laden "residential IP" VPN providers and route your traffic through someone else's hacked up VPN running on a Fire TV stick they bought off JimBob for $200? | |
| ▲ | TZubiri a day ago | parent | prev | next [-] | | Here's me making a similar argument a month or so ago https://news.ycombinator.com/item?id=45926849 Besides the political implications, I think we should try to find an objective taxonomy, it's clear that privacy VPNs and network security VPNs are different products semantically, commercially and legally, even if the same core tech is used. Possibly the configuration and network topology is different even, making it a technically different product, similar to how a DNS might be either an authorative server for a TLD, an ISP proxy for an end user, a consumer blacklist like pihole, or an industrial blacklist like spamhaus. It would be a non trivial mistake to conflate any pair of those and bring one up in an argument that refers to the other. | |
| ▲ | delusional a day ago | parent | prev | next [-] | | The exhausting "well actually" masks a corrosive argument, that if you can't enforce the rules in a rigid and rigorous fashion, the rule is fiat. It's not that he doesn't know the difference. He's making the argument that since there's no _technical_ difference there can be no legal difference. | | |
| ▲ | jijijijij 17 hours ago | parent | next [-] | | Yeah, it's an ignorant and arrogant take on the legal system. In most places the law is exercised pragmatically, interpreted by presumed intention. That's why legal precedent is important. You likely won't convince any judge being anal about the wording (maybe if the law gets applied for the first time). You can derail anything semantically. Furthermore, despite apparent belief, laws are frequently formulated in such a way that a particular wider term is extended to help interpretation. Eg. "It is prohibited to use a VPN in a way capable and intended to obscure one's physical internet access point identification". (Not a lawyer, not a native speaker, don't get anal with this wording, either.) I very much doubt any legally binding document would even use the term 'VPN' primarily to describe the technical means for anonymization, but rather describe it functionally. | |
| ▲ | Mashimo a day ago | parent | prev | next [-] | | If you block the commercial VPN services, you increase the burden of entry. You block the 99%. It's not a legal discission, it's a business decision. | |
| ▲ | zinekeller a day ago | parent | prev [-] | | And this is rather an anemic take. The (proposed) UK VPN ban that was recently discussed here have a definition on what exactly is a "VPN" for the purposes of the ban (basically "VPNs generally advertised to normal consumers") but a lot simply shouted "ssh go brr" (and definitely did not read the proposed law). These "let's go techical" thinking never flies with the poeple who makes such legislation, and in (probably unpopular!) opinion we should talk to them in terms that they can understand. Yes, we don't want that law, but having a purist take would probably alienate regular people. It doesn't really matter that a single person has found a loophole because many, many other people don't have such a luxury, and that's what the lawmakers are aiming for. | | |
| ▲ | marcus_holmes a day ago | parent [-] | | I have worked for fintech companies that mandate VPN use as a security measure. It's going to be interesting when the majority of the UK accesses the internet via VPN because of the increasingly ridiculous hoops that the UK makes them go through, and the government tries to stop them while also allowing VPNs to be used by the tech sector. I agree, these are two separate legal processes powered by the same technology. But the internet doesn't have any awareness of legality (thankfully) so we're stuck with only the technical meaning. | | |
| ▲ | hdgvhicv a day ago | parent [-] | | They mandate you use Nordvpn? Or surf shark? I doubt that. | | |
| ▲ | marcus_holmes 9 hours ago | parent [-] | | No obviously not. There are specialist products for this, and it's not hard to roll your own if you want. The tech is the same, though. That's the point. |
|
|
|
| |
| ▲ | fragmede a day ago | parent | prev [-] | | Tailscale is really not that hard to set up. There's an Apple TV app for it, even. And who doesn't have some friend in another state or country that would like an Apple TV? | | |
| ▲ | gruez a day ago | parent | next [-] | | Your friends don't find it uneasy that you can be tunneling illegal activities through their internet connection and have the FBI knocking at their door in a few months? | | |
| ▲ | sersi a day ago | parent | next [-] | | Exactly, I have friends from other countries. Friends I really like, I would not give a VPN access to my internet connection to most of them. They have to be the perfect intersection of technically competent (so that their computer doesn't get turned into a botnet) and fully trustworthy. I do actually give VPN access to my mother that is not technically competent but I have full access to her computer and locked her down as much as possible | |
| ▲ | wredcoll a day ago | parent | prev [-] | | This word you used... friend... what does it mean to you? |
| |
| ▲ | cyberrock a day ago | parent | prev | next [-] | | Obviously not everyone have friends in all of the countries they want to tunnel to (or want to ask them). Otherwise these VPN services wouldn't exist. | |
| ▲ | positr0n a day ago | parent | prev | next [-] | | I live a thousand miles from another country. No I don't have friends in another country and I don't even know anyone with friends in another country except immigrants or spouses of immigrants. | |
| ▲ | politelemon a day ago | parent | prev [-] | | I am concerned that this comment reads like an advert, it's completely unnecessary and out of touch. | | |
| ▲ | fragmede 16 hours ago | parent [-] | | How is it out of touch? GP comment makes it sound like the technical know to setup a VPN exit node is this crazily esoteric super weird nerdy thing that no one would expect anyone normal to even know about. Installing an Apple TV app onto an Apple TV and mailing it to a friend requires zero command line usage. But no, Tailscale did not pay me for this comment. I do happen to know someone that works there though. | | |
| ▲ | devilbunny 14 hours ago | parent [-] | | Don't bother with these comments. I made a similar reply to yours a few days ago and while most found it useful, a surprising amount of whataboutism occurred - no, Apple TV hardware isn't common, or no, only old people have them, or no, why would you use an Apple TV when [X] can do it cheaper, or no, why not self-host and not be dependent on Apple and Tailscale? Entirely missing the point that setting up a VPN exit node on your own or someone else's connection is a crazily esoteric super weird nerdy thing outside of communities like HN, and Tailscale on an Apple TV box will not only work but automatically update itself with no intervention on your part, and that the person whose house it is in needs extremely minimal technical skill to do what you tell them to over the phone. | | |
| ▲ | fragmede 13 hours ago | parent [-] | | Thanks. With people in their own independent bubbles it's hard to tell, but with a guess at 25 million Apple TVs out there in the wild, I didn't think it was that esoteric, but what do I know. Thanks again, devilbunny | | |
| ▲ | devilbunny 10 hours ago | parent [-] | | I'd say that even the idea that you could VPN into your own network and forward all traffic through it is pretty far from the mainstream. Let alone how to actually do it. Most people think of VPN as a way to avoid porn blocks or getting tagged for piracy. But, as you and I both noted, the technical know-how for setting up Tailscale is not that high, and for using it is almost nil. Turn it on, pick an exit node, go. Combine that with a device that's intended as a consumer appliance that makes maintenance a non-issue, and you have a very good solution for the family geek. You're very welcome. |
|
|
|
|
|
| |
| ▲ | protocolture a day ago | parent | prev | next [-] | | >I connect to my residential ISP in the USA via VPN all the time and have never had issues with being blocked for VPN use. Bit of a non sequitur, you would have to outline your entire usage pattern to even submit that as N=1. GEOIP providers dont sit on your home network. They do accept data from third parties, and are themselves (likely) subscribed to other IP addressing lists. Mostly they are a data aggregator, and its garbage in > garbage out. If someone, say netflix, but other services participate, flag you as having an inconsistent location, they may forward those details on and you can get added to one of these lists. You might see ip bans at various content providers. But the implementation is so slapshod that you can just as likely, poison a single ip in a CGNAT pool, and have it take over a month for anyone to act on it, where some other users on your same ISP might experience the issue. These things can also be weighted by usage, larger amounts of traffic are more interesting because it can represent a pool of more users, or more IP infringement per user. You can also get hit from poor IP reputation, hosting a webserver with a proxy or php reverse shell, or a hundred other things. (Also, larger ISPs might deal with a GEOIP provider selling lists of VPN users that include their IP address space, legally, rather than just going through the process of getting the list updated normally. This means the GEOIP providers can get skittish around some ISPs and might just not include them in lists) | | |
| ▲ | zinekeller a day ago | parent | next [-] | | There is even a single company in the unique position to actually tell where exactly(-ish, considering CGNAT exists) where an IP address is located: Google. They do use the "enhanced location" data on Android devices to pinpoint where an IP is, so a single Android device can actually change fings for Google (and YouTube). | |
| ▲ | mycall a day ago | parent | prev [-] | | > You can also get hit from poor IP reputation, hosting a webserver with a proxy or php reverse shell, or a hundred other things. or in my case, have a VM on same subnet as other poor actors and thus get bad rep from others. |
| |
| ▲ | Lapel2742 21 hours ago | parent | prev | next [-] | | >Maybe they mean commercial VPN providers that run on the cloud? I just tried it with a well known commercial VPN and I had no problems accessing the site and its music content. | |
| ▲ | aaomidi a day ago | parent | prev [-] | | https://ipinfo.io/what-is-my-ip Here’s one database to check. |
|
